From 50bc091ee4f88241ddd18941d817c725971ce49f Mon Sep 17 00:00:00 2001 From: huyz Date: Thu, 9 Mar 2023 19:16:27 -0800 Subject: [PATCH] Add role prompt_password --- CHANGELOG.rst | 15 +++++++++ README.md | 3 ++ changelogs/changelog.yaml | 13 ++++++++ .../fragments/2023-03-09_prompt_password.yml | 2 ++ .../fragments/2023-03-09_v1.0.3_summary.yml | 3 ++ galaxy.yml | 2 +- roles/add_to_config_file/README.md | 2 +- roles/prompt_password/README.md | 31 +++++++++++++++++++ roles/prompt_password/tasks/main.yml | 24 ++++++++++++++ 9 files changed, 93 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/2023-03-09_prompt_password.yml create mode 100644 changelogs/fragments/2023-03-09_v1.0.3_summary.yml create mode 100644 roles/prompt_password/README.md create mode 100644 roles/prompt_password/tasks/main.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 9fb62c4..9b73ad0 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,21 @@ huyz.general Release Notes .. contents:: Topics +v1.0.3 +====== + +Release Summary +--------------- + +| Release Date: 2023-03-09 +| Initial release of the password_prompt role + + +Major Changes +------------- + +- prompt_password - initial commit + v1.0.2 ====== diff --git a/README.md b/README.md index cec927c..b5020a5 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,9 @@ Roles: - `huyz.general.add_to_config_file` ([README](https://github.com/huyz/ansible-collection-huyz-general/blob/master/roles/add_to_config_file/README.md)) - Function: Safely insert a block into one or more shell config files - Use case: Mainly intended to be re-used by other roles +- `huyz.general.prompt_password` ([README](https://github.com/huyz/ansible-collection-huyz-general/blob/master/roles/prompt_password/README.md)) + - Function: Prompts for the `ansible_password` if not defined. + - Use case: Avoid the need to call `ansible-playbook` with `--ask-pass` and `--ask-become-pass` --- diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 2c06dc8..241b7e4 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -13,3 +13,16 @@ releases: - 2023-02-25_add_to_config_file.yml - 2023-02-25_v1.0.2_summary.yml release_date: '2023-02-25' + 1.0.3: + changes: + major_changes: + - prompt_password - initial commit + release_summary: '| Release Date: 2023-03-09 + + | Initial release of the password_prompt role + + ' + fragments: + - 2023-03-09_prompt_password.yml + - 2023-03-09_v1.0.3_summary.yml + release_date: '2023-03-09' diff --git a/changelogs/fragments/2023-03-09_prompt_password.yml b/changelogs/fragments/2023-03-09_prompt_password.yml new file mode 100644 index 0000000..6441b69 --- /dev/null +++ b/changelogs/fragments/2023-03-09_prompt_password.yml @@ -0,0 +1,2 @@ +major_changes: + - prompt_password - initial commit diff --git a/changelogs/fragments/2023-03-09_v1.0.3_summary.yml b/changelogs/fragments/2023-03-09_v1.0.3_summary.yml new file mode 100644 index 0000000..bbba6dc --- /dev/null +++ b/changelogs/fragments/2023-03-09_v1.0.3_summary.yml @@ -0,0 +1,3 @@ +release_summary: | + | Release Date: 2023-03-09 + | Initial release of the password_prompt role diff --git a/galaxy.yml b/galaxy.yml index e0b17a1..573dbb9 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -8,7 +8,7 @@ namespace: huyz name: general # The version of the collection. Must be compatible with semantic versioning -version: 1.0.2 +version: 1.0.3 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md diff --git a/roles/add_to_config_file/README.md b/roles/add_to_config_file/README.md index 372ecb4..2910c42 100644 --- a/roles/add_to_config_file/README.md +++ b/roles/add_to_config_file/README.md @@ -8,7 +8,7 @@ Safely insert a block into one or more shell config files: ## Installation -This repo uses the FCQN convention. +This repo uses the FQCN convention. Include the collection in the Ansible Galaxy `requirements.yml`: diff --git a/roles/prompt_password/README.md b/roles/prompt_password/README.md new file mode 100644 index 0000000..841d029 --- /dev/null +++ b/roles/prompt_password/README.md @@ -0,0 +1,31 @@ +TODO: test with multiple hosts + +# Ansible role: huyz.general.password_prompt + +Prompts for the `ansible_password` if not defined, with the option to also set the `ansible_become_password` if not defined. + +This avoids the need to call `ansible-playbook` with `--ask-pass` and `--ask-become-pass`. + +## Installation + +This repo uses the FQCN convention. + +Include the collection in the Ansible Galaxy `requirements.yml`: + +```shell +--- +collections: + - name: huyz.general +``` + +You can then include the role `huyz.general.prompt_password`. + +## Example + +```yaml +- name: Prompt for ansible_password if needed + ansible.builtin.include_role: + name: huyz.generalprompt_password + vars: + copy_to_become_password: true +``` diff --git a/roles/prompt_password/tasks/main.yml b/roles/prompt_password/tasks/main.yml new file mode 100644 index 0000000..3fbdf4e --- /dev/null +++ b/roles/prompt_password/tasks/main.yml @@ -0,0 +1,24 @@ +# Accepts vars: +# - copy_to_become_password: true to automatically set `become_password` +# as well (if not yet defined). +--- +- name: Prompt for ssh password if necessary + when: ansible_password is undefined + block: + - name: Conditionally prompt for ssh password + ansible.builtin.pause: + prompt: "Password for {{ ansible_user_id | d('unknown') }}@{{ ansible_host | d('unknown') }}" + echo: false + register: password_prompt + no_log: true + + - name: Set ansible_password + ansible.builtin.set_fact: + ansible_password: "{{ password_prompt.user_input }}" + no_log: true + +- name: Set ansible_become_password + ansible.builtin.set_fact: + ansible_become_password: "{{ ansible_password }}" + no_log: true + when: copy_to_become_password | d(false) and ansible_become_password is undefined